Re: base/release/10.1.0/contrib/file vulnerabilities?

2015-04-27 Thread Piotr Kubaj
Hi, I wrote about this vulnerability in January: https://lists.freebsd.org/pipermail/freebsd-security/2015-January/008115.html There were only patches for stable. signature.asc Description: OpenPGP digital signature

Logging TCP anomalies

2015-04-27 Thread Ronald F. Guilmette
I just now read the following TheRegister news article about detection of "Quantum Insert" funny business: http://www.theregister.co.uk/2015/04/23/detecting_nsa_style_hacking_tool_unsheathed/ I am prompted to ask here whether or not FreeBSD performs any sort of logging of instances when "duplica

Re: Logging TCP anomalies

2015-04-27 Thread Lowell Gilbert
"Ronald F. Guilmette" writes: > I am prompted to ask here whether or not FreeBSD performs any sort of > logging of instances when "duplicate TCP packets but with different > payloads" occurs, and/or whether FreeBSD provides any options which, > for example, might automagically trigger a close of

Re: Logging TCP anomalies

2015-04-27 Thread Charles Swiger
On Apr 27, 2015, at 11:37 AM, Ronald F. Guilmette wrote: > I am prompted to ask here whether or not FreeBSD performs any sort of > logging of instances when "duplicate TCP packets but with different > payloads" occurs, Not normally. Such things can be visible in netstat -s output as "completely

Re: Logging TCP anomalies

2015-04-27 Thread Ronald F. Guilmette
In message <44a8xte4i0@lowell-desk.lan>, Lowell Gilbert wrote: >"Ronald F. Guilmette" writes: > >> I am prompted to ask here whether or not FreeBSD performs any sort of >> logging of instances when "duplicate TCP packets but with different >> payloads" occurs, and/or whether FreeBSD provid

Re: Logging TCP anomalies

2015-04-27 Thread Ronald F. Guilmette
In message , Charles Swiger wrote: >On Apr 27, 2015, at 11:37 AM, Ronald F. Guilmette wrot >e: ... >> and/or whether FreeBSD provides any options which, >> for example, might automagically trigger a close of the relevant TCP >> connection when and if such an event is detected. (Connection clo

Re: Logging TCP anomalies

2015-04-27 Thread Charles Swiger
On Apr 27, 2015, at 3:12 PM, Ronald F. Guilmette wrote: > In message , > Charles Swiger wrote: >> On Apr 27, 2015, at 11:37 AM, Ronald F. Guilmette >> wrote: >>> ... >>> and/or whether FreeBSD provides any options which, >>> for example, might automagically trigger a close of the relevant TCP

join

2015-04-27 Thread James Keener
___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"

Re: Logging TCP anomalies

2015-04-27 Thread Ronald F. Guilmette
In message , Charles Swiger wrote: >On Apr 27, 2015, at 3:12 PM, Ronald F. Guilmette >wrote: >> As I understand it, (verbatim) duplicate packets can sometimes arrive at >> an endpoint due simply to network anomalies. However as I understand it, >> those will typically have identical lengths a